diff options
| author | Damien Miller <djm@mindrot.org> | 2002-05-13 10:48:57 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2002-05-13 10:48:57 +1000 |
| commit | a18bbd398e053acb58a79a2b4e0f13b4db8a0bae (patch) | |
| tree | 0d570609b81ffd0217ce20c46058d3cdad593d72 | |
| parent | 802b9568686032c81e4a998dc282df6ed63d4090 (diff) | |
- (djm) Add --with-superuser-path=xxx configure option to specify what $PATH
the superuser receives.
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | configure.ac | 19 | ||||
| -rw-r--r-- | session.c | 5 |
3 files changed, 28 insertions, 2 deletions
@@ -1,3 +1,7 @@ +20020513 + - (djm) Add --with-superuser-path=xxx configure option to specify what $PATH + the superuser receives. + 20020511 - (tim) [configure.ac] applied a rework of djm's OpenSSL search cleanup patch. Now only searches system and /usr/local/ssl (OpenSSL's default install path) @@ -567,4 +571,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2106 2002/05/11 22:30:04 tim Exp $ +$Id: ChangeLog,v 1.2107 2002/05/13 00:48:57 djm Exp $ diff --git a/configure.ac b/configure.ac index 637b14e4..1b8aa5e1 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.56 2002/05/11 20:17:44 tim Exp $ +# $Id: configure.ac,v 1.57 2002/05/13 00:48:58 djm Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -2011,6 +2011,19 @@ if test "$USES_LOGIN_CONF" != "yes" ; then AC_SUBST(user_path) fi +# Set superuser path separately to user path +MD5_MSG="no" +AC_ARG_WITH(superuser-path, + [ --with-superuser-path= Specify different path for super-user], + [ + if test "x$withval" != "xno" ; then + AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval") + superuser_path=$withval + fi + ] +) + + # Whether to force IPv4 by default (needed on broken glibc Linux) IPV4_HACK_MSG="no" AC_ARG_WITH(ipv4-default, @@ -2351,6 +2364,7 @@ E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` G=`eval echo ${piddir}` ; G=`eval echo ${G}` H=`eval echo ${user_path}` ; H=`eval echo ${H}` +I=`eval echo ${superuser_path}` ; I=`eval echo ${I}` echo "" echo "OpenSSH has been configured with the following options:" @@ -2365,6 +2379,9 @@ echo " At runtime, sshd will use the path defined in /etc/login.conf" else echo " sshd default user PATH: $H" fi +if test ! -z "$superuser_path" ; then +echo " sshd superuser user PATH: $I" +fi echo " Manpage format: $MANTYPE" echo " PAM support: ${PAM_MSG}" echo " KerberosIV support: $KRB4_MSG" @@ -871,7 +871,12 @@ do_setup_env(Session *s, const char *shell) * needed for loading shared libraries. So the path better * remains intact here. */ +# ifdef SUPERUSER_PATH + child_set_env(&env, &envsize, "PATH", + s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH); +# else child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); +# endif /* SUPERUSER_PATH */ # endif /* HAVE_CYGWIN */ #endif /* HAVE_LOGIN_CAP */ |